package top.melody.ecommerce.webapps.console.controller;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.support.ResourceBundleMessageSource;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import top.melody.ecommerce.common.util.JsonMapper;
import top.melody.ecommerce.common.util.security.DES3;
import top.melody.ecommerce.platform.api.domain.system.SecurityUser;
import top.melody.ecommerce.platform.handler.enums.ResultMsg;
import top.melody.ecommerce.platform.handler.enums.ValidStatus;
import top.melody.ecommerce.webapps.console.base.AssertContext;
import top.melody.ecommerce.webapps.console.base.Constant;
import top.melody.ecommerce.webapps.console.base.SecurityUserSession;
import top.melody.ecommerce.webapps.console.weblogic.SecurityUserWeblogic;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Locale;

@Controller
public class LoginController {

    private static final Logger logger = LoggerFactory.getLogger(LoginController.class);
    @Resource
    private SecurityUserWeblogic userWeblogic;
    @Resource
    private ResourceBundleMessageSource i18nSource;

    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String login() {
        return "login";
    }


    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ResponseBody
    public String login(@RequestParam("loginId")String userId,
                        @RequestParam("password")String password,
                        HttpServletRequest request) {
        ResultMsg resultMsg = new ResultMsg(ResultMsg.CODE_E);
        try {
            SecurityUser securityUser = userWeblogic.getSecurityUser(userId);
            if(securityUser == null) {
                resultMsg.setMsg(i18nSource.getMessage(Constant.ERROR_SECURITY_USER_NOT_EXISTS, null, Locale.CHINA));
                return JsonMapper.nonEmptyMapper().toJson(resultMsg);
            }
            String encryptPassword = DES3.encode(password);
            if(!securityUser.getOpPassword().equals(encryptPassword)) {
                resultMsg.setMsg(i18nSource.getMessage(Constant.ERROR_SECURITY_USER_PASSWORD_INCORRECT, null, Locale.CHINA));
                return JsonMapper.nonEmptyMapper().toJson(resultMsg);
            }
            if(securityUser.getValidStatus().equals(ValidStatus.LOCKED)) {
                resultMsg.setMsg(i18nSource.getMessage(Constant.ERROR_SECURITY_USER_LOCKED, null, Locale.CHINA));
                return JsonMapper.nonEmptyMapper().toJson(resultMsg);
            }
            //login success ! write session
            SecurityUserSession userSession = new SecurityUserSession(securityUser,password);
            AssertContext.putSecurityUser2Session(userSession,request);
            resultMsg.setMsg(null);
            resultMsg.setStatusCode(ResultMsg.CODE_S);
        } catch (Exception e) {
            logger.error("occurred exception when login, loginId:【{}】, and password:【{}】 ", e);
        }
        return JsonMapper.nonEmptyMapper().toJson(resultMsg);
    }


    @RequestMapping("/logout")
    public String logout(HttpServletRequest request) {
        AssertContext.removeSecurityFromSession(Constant.CURRENT_USER_SESSION_ID, request);
        return "redirect:" + AssertContext.getContextPath(request);
    }
}